GigaOm Radar for Attack Surface Management: Bishop Fox Named "Leader" and "Fast Mover". Read the report to learn why

Bishop Fox Hybrid Application Assessment Methodology

Overview of Bishop Fox’s methodology for hybrid application penetration testing.

Bishop Fox Hybrid Application Assessment Methodology

Learn how Bishop Fox conducts a Hybrid Application Assessment.

Bishop Fox’s hybrid application assessment combines the real-world attack techniques of application penetration testing with a targeted source-code review to more thoroughly identify security vulnerabilities in the application.

The assessment team begins by running automated scans of the deployed application and its source code. A deeper dive is then performed by analyzing the scan results and manually reviewing potential security vulnerabilities. Next, the team assesses the application’s architecture and business logic to locate any design-level issues. Finally, the findings are validated by manually exploiting the vulnerabilities and reviewing relevant design issues.

This Methodology document provides an overview of the following assessment process phases:

  • Pre-assessment
  • Discovery, Testing, and Code Analysis
  • Analysis and Reporting

This site uses cookies to provide you with a great user experience. By continuing to use our website, you consent to the use of cookies. To find out more about the cookies we use, please see our Privacy Policy.